Vulnerabilities > Yoast > Yoast SEO > 16.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-40680 | Cross-site Scripting vulnerability in Yoast SEO Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Yoast Yoast SEO allows Stored XSS.This issue affects Yoast SEO: from n/a through 21.0. | 4.8 |
| 2022-02-28 | CVE-2021-25118 | Information Exposure vulnerability in Yoast SEO The Yoast SEO WordPress plugin (from versions 16.7 until 17.2) discloses the full internal path of featured images in posts via the wp/v2/posts REST endpoints which could help an attacker identify other vulnerabilities or help during the exploitation of other identified vulnerabilities. | 5.3 |